Example 31 with CertificateAuthorityServiceClient
use of com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient in project java-security-private-ca by googleapis.
the class ActivateSubordinateCa method activateSubordinateCA.
// Activate a subordinate CA.
// *Prerequisite*: Get the CSR of the subordinate CA signed by another CA. Pass in the signed
// certificate and (issuer CA's name or the issuer CA's Certificate chain).
// *Post*: After activating the subordinate CA, it should be enabled before issuing certificates.
public static void activateSubordinateCA(String project, String location, String pool_Id, String certificateAuthorityName, String subordinateCaName, String pemCACertificate) throws ExecutionException, InterruptedException, IOException {
// clean up any remaining background resources.
try (CertificateAuthorityServiceClient certificateAuthorityServiceClient = CertificateAuthorityServiceClient.create()) {
// Subordinate CA parent.
String subordinateCaParent = CertificateAuthorityName.of(project, location, pool_Id, subordinateCaName).toString();
// Construct the "Activate CA Request".
ActivateCertificateAuthorityRequest activateCertificateAuthorityRequest = ActivateCertificateAuthorityRequest.newBuilder().setName(subordinateCaParent).setPemCaCertificate(pemCACertificate).setSubordinateConfig(SubordinateConfig.newBuilder().setCertificateAuthority(CertificateAuthorityName.of(project, location, pool_Id, certificateAuthorityName).toString()).build()).build();
// Activate the CA.
ApiFuture<Operation> futureCall = certificateAuthorityServiceClient.activateCertificateAuthorityCallable().futureCall(activateCertificateAuthorityRequest);
Operation response = futureCall.get();
if (response.hasError()) {
System.out.println("Error while activating the subordinate CA! " + response.getError());
return;
}
System.out.println("Subordinate Certificate Authority activated successfully ! !" + subordinateCaName);
TimeUnit.SECONDS.sleep(3);
// The current state will be STAGED.
// The Subordinate CA has to be ENABLED before issuing certificates.
System.out.println("Current State: " + certificateAuthorityServiceClient.getCertificateAuthority(subordinateCaParent).getState());
}
}
Also used :
CertificateAuthorityServiceClient(com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient)
Operation(com.google.longrunning.Operation)
ActivateCertificateAuthorityRequest(com.google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest)
Aggregations
CertificateAuthorityServiceClient (com.google.cloud.security.privateca.v1.CertificateAuthorityServiceClient)31
Operation (com.google.longrunning.Operation)14
Test (org.junit.Test)9
Certificate (com.google.cloud.security.privateca.v1.Certificate)8
ByteString (com.google.protobuf.ByteString)6
CertificateAuthority (com.google.cloud.security.privateca.v1.CertificateAuthority)5
CaPoolName (com.google.cloud.security.privateca.v1.CaPoolName)3
State (com.google.cloud.security.privateca.v1.CertificateAuthority.State)3
CertificateAuthorityName (com.google.cloud.security.privateca.v1.CertificateAuthorityName)3
SubjectConfig (com.google.cloud.security.privateca.v1.CertificateConfig.SubjectConfig)3
CertificateName (com.google.cloud.security.privateca.v1.CertificateName)3
CertificateTemplate (com.google.cloud.security.privateca.v1.CertificateTemplate)3
X509Parameters (com.google.cloud.security.privateca.v1.X509Parameters)3
CaPool (com.google.cloud.security.privateca.v1.CaPool)2
IssuancePolicy (com.google.cloud.security.privateca.v1.CaPool.IssuancePolicy)2
KeyVersionSpec (com.google.cloud.security.privateca.v1.CertificateAuthority.KeyVersionSpec)2
CreateCertificateAuthorityRequest (com.google.cloud.security.privateca.v1.CreateCertificateAuthorityRequest)2
CreateCertificateRequest (com.google.cloud.security.privateca.v1.CreateCertificateRequest)2
ActivateCertificateAuthorityRequest (com.google.cloud.security.privateca.v1.ActivateCertificateAuthorityRequest)1
CertificateIdentityConstraints (com.google.cloud.security.privateca.v1.CertificateIdentityConstraints)1
